Security Research
Cisco released a set of security updates which include one critical, seven high severity and nineteen medium security advisories. At least seven vulnerabilities lead to denial of service condition on the affected system and the most severe vulnerability could allow a remote unauthenticated attacker to gain administrative access on the affected device. Cisco has released […]
Read More →Microsoft has released an emergency advisory for an unpatched zero-day vulnerability in Internet Explorer. Microsoft is also aware of limited targeted attacks in the wild. This vulnerability was discovered by Clement Lecigne of Google’s Threat Analysis Group. The fix for this zero-day would be released as a part of the next Patch Tuesday updates. And […]
Read More →The release of Microsoft Patch Tuesday updates for January 2020 brought to light a critical vulnerability in Microsoft Windows CryptoAPI. Reported by National Security Agency, the national level intelligence agency of USA, CVE-2020-0601 is a spoofing vulnerability in Windows systems, the exploitation of which could have widespread consequences. Microsoft explains that this spoofing vulnerability in […]
Read More →Microsoft has released January Patch Tuesday security updates today, fixing 49 common vulnerabilities and exposures (CVEs) in the family of Windows operating systems and related products which includes Windows, Office, Office Services and Web Apps, Internet Explorer, .NET Core, ASP.NET, .NET Framework, OneDrive for Android, and Microsoft Dynamics. Out of these, 8 are classified as […]
Read More →Cisco has rolled out security patches for fourteen different products. Advisories released for Cisco Webex Video Mesh and Cisco IOS and Cisco IOS XE Software are considered important. The most severe of these vulnerabilities could allow an attacker to remotely execute commands and take control of an affected system. Cisco has released security updates for […]
Read More →Mozilla released two consecutive security advisories to address the vulnerabilities in Firefox and Firefox ESR. The latter is a critical advisory claiming that Mozilla is aware of in-the-wild attacks for a type confusion vulnerability. However, there are no details about the specific threat actor(s) abusing the aforementioned vulnerability. Mozilla’s release of Firefox version 72 includes […]
Read More →